<?php
class XB_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract 
{
	private $_auth = null;
	private $_acl = null;
	
	public function routeStartup(Zend_Controller_Request_Abstract $request){
		$this->_acl = new Zend_Acl();

		$this->_acl->addRole(new Zend_Acl_Role('guest'))
			->addRole(new Zend_Acl_Role('member'),'guest')
			->addRole(new Zend_Acl_Role('admin'),'member');
			
		$this->_acl->addResource(new Zend_Acl_Resource('front'));
		$this->_acl->addResource(new Zend_Acl_Resource('member'));
		$this->_acl->addResource(new Zend_Acl_Resource('back'));
		
		$this->_acl->deny();
		$this->_acl->allow('guest','front')
			->allow('member','member')
			->allow('admin');
	}
		
	public function preDispatch(Zend_Controller_Request_Abstract $request){
		$identity = Zend_Auth::getInstance()->getIdentity();

		$identity ? $role = 'member' : $role = 'guest';
		$resource = $request->getModuleName();

        if(!$this->_acl->isAllowed($role,$resource))
        {     	   	    	    
		  $request->setModuleName('default')
						->setControllerName('index')
						->setActionName('index');
        }
	}
}